A page in your DokuWiki was added or changed. Here are the details: Date : 2017/01/02 11:57 Browser : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0 IP-Address : 78.43.90.159 Hostname : HSI-KBW-078-043-090-159.hsi4.kabel-badenwuerttemberg.de Old Revision: http://wiki.x2go.org/doku.php/doc:howto:tce?rev=1483353986 New Revision: http://wiki.x2go.org/doku.php/doc:howto:tce Edit Summary: [List of open ToDos/FIXMEs for this page] User : stefanbaur @@ -583,11 +583,13 @@ FIXME To avoid re-generating SSH Server keys on each ThinClient on every boot, they could be stored * in a file on a HTTP(S)/FTP/RSYNC server * on local storage (/etc/ssh) - * a script 1155-openssh-readsshserverkeys would have to inject them before the server starts + * a script 1155-openssh-readsshserverkeys would have to inject them before the server starts Tricky parts: + * reading to local media means you need a way to determine where to read them from (in case of "toram", look for ntfs-uuid and findiso path) + * reading from a remote server means you should use https, rsync, and/or some kind of signature check * a script 1165-openssh-writesshserverkeys would have to save them to local media/upload them after initial generation. Tricky parts: - * saving to local media means you need a way to determine where to save them + * saving to local media means you need a way to determine where to save them (in case of "toram", look for ntfs-uuid and findiso path) * saving to a remote server means you need some kind of login credentials that could be abused FIXME To be checked: Does the live-config "builtin" command ''live-config.nottyautologin'' do the same as our ''nouser'' command? If yes, ''nouser'' could be removed. Note that ''live-config.nottyautologin'' **might** mean "there's a login prompt, but you just need to enter username ''user'' and password ''live'' to login" - this is not what we want. We need a solution to entirely block user logons. -- This mail was generated by DokuWiki at http://wiki.x2go.org/